CVE-2023-46289

Rockwell Automation FactoryTalk® View Site Edition Vulnerable to Improper Input Validation

CVSS 7.5 HIGHEPSS 0.9%CWE-20

Vexday Risk Score

21Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS 7.5EPSS 0.9%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

27 oct 2023Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

Rockwell Automation FactoryTalk View Site Edition insufficiently validates user input, which could potentially allow threat actors to send malicious data bringing the product offline. If exploited, the product would become unavailable and require a restart to recover resulting in a denial-of-service condition.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Productos afectados

Rockwell Automation · FactoryTalk® View Site Edition

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1141167